Search

Subscribe

Russian Nuclear Launch Code Backup Procedure

The sledgehammer's existence first came to light in 1980, when a group of inspecting officers from the General Staff visiting Strategic Missile Forces headquarters asked General Georgy Novikov what he would do if he received a missile launch order but the safe containing the launch codes failed to open.

Novikov said he would “knock off the safe’s lock with the sledgehammer” he kept nearby, the spokesman said.

At the time the inspectors severely criticized the general's response, but the General Staff’s top official said Novikov would be acting correctly.

Comments

I'm curious what was the nature of the criticisms? That the hammer was too primitive a tool for such an important job? That the hammer was kept too close to the safe? That the safe should have been strong enough to withstand a hammer?

It is not pointless at all. A locked safe still keeps anyone from stealing the codes without anyone else noticing.

Just like a glass liquor cabinet: you know that your kid could break in to it, but he can't do it without someone noticing. And breaking in to a proper safe takes at least some time.

Also, you have to consider the alternative; would country's nuclear arsenal be rendered useless if it is made so safe that you cannot use it even to retaliate if the guy carrying the key cannot fulfill his job? That would make it vulnerable. And you not want the leaders of a nuclear armed country to be in constant fear about their capabilities.

Funny, I guess ... but I wonder if they actually rehearsed this "Plan B"? If the safe is of any remotely adequate quality, it will take a heck of a long time to open with a sledgehammer. Certainly many times longer than the proverbial 4 minutes!

And if the lock is anything like a proper safe lock then "knocking the lock off" with a sledgehammer will achieve precisely nothing, except that you will get a lot of bemused looking Russians standing around saying "Oh, дерьмо, now what!?"

(And if we continue the "Russians are vodka-addled thugs" humour, the next act will involve explosives, a substantial risk of personal injury, and the accidental incineration of the codes.)

The story would make more sense if the "safe" was actually just a cashbox secured with a padlock. But if that is the case, the real story is that Russians didn't really take much care to prevent unauthorised triggering of nuclear holocausts.

Let's be honest, they just knew it wasn't worth worrying about if it ever got to that point. Any finesse or care is probably wasted at that point. Any analysis is going to be debating billions dead, to which one particular anacdote of incompetence is somewhat moot. When the time came to press the button you would probably be doing the world a favour if you just dropped the keys under your chair and fell over drunk.

That was (is?) the UK's nuclear procedure
.
When they got the order to launch the sub commanders were supposed to surface and listen to see if Radio4 (ie the UK's NPR) was broadcasting - if it wasn't they opened sealed orders put in the safe by the prime minister when he/she came into office.

A former PM revealed that the alternatives were either to launch anyway, to hand the sub over to the Americans, or to jetison the weapons and sail to Australia and live happily in the sunshine.
The idea being if you go to this point the deterrent had failed and killing a few more millions was pointless

Also, you have to consider the alternative; would country's nuclear arsenal be rendered useless...

Actualy this appears to be true for the US system involving PALs.

On set of PALs was like the rotors on an Enigma machine and apparently many of the slip rings were found to be incorrectly set. So that if the right code was put in it actually resulted in the wrong wiring combination so would fail.

Further other tests showed that the "stolen weapons prevention" systems would cause a fizzle or down right failure on something like half the nukes simply because they were to stringently designed and did not age well.

The Russians on the other hand did not have such things in the majority of their smaller nukes and worked on the theory that it was better to use human guards who if they failed in their task knew it was early retirment with a pay of of a half ounce of lead, so they had a good incentive to perform well. Oh the russians also used real chemical weapons during training and planned for between an 8 and 12% attrition rate. And for those that have seen russian NBC kit it used to be like a cross between an old style diving suit and what is sometimes known in certain select circles as a Gimp suit.

The US also had another issue in that their "two man" system did not work. Under realistic testing they found that few would push the button on command of the system and would try to use other communications methods to get confirmation.

So at one point in time considerably less than half the US nukes would be launched in thhe required time window and of those that would have got away the majority would have failed to work satisfactorily...

I'm almost always a fan of openness and transparency, but isn't it a bit umm stupid to reveal this. Of course it could be a fake story or just a "little sliver", but the "nuclear people" have managed to not blow the world up for awhile now (which amazes me), though we've come very close; let's keep it that way, shall we?

@roger -- There's a good chance it would have worked instantly. The Russians were known for using 'seal' locks on their safes:http://blackbag.nl/?p=31

A lock like that would be easily knocked off with a sledgehammer, and after that the safe could be opened instantly. This may be a reason the Russians used such locks -- a mechanical failure wasn't at all catastrophic.

Right? The launch code was added because the whitehouse demanded control over the ability to launch (hence the presidents famous briefcase of codes) and were worried about rogue officers going crazy and launching, but the USAF didn't trust the chain of command in the event of armageddon, and believed their officers were patriots and flawless.
So the system was built, and the code set to all zeros, and the code was even added to the launch manuals, to ensure that officers could launch if they needed to. Of course, no president said, hand me that briefcase, I want to check what the launch code is set to....

Weirdly, differing points of view based on differing source data and risk assessments ("My password is 'password', nobody will guess that!") is exactly our central challenge in this industry....

Back when I was a graduate student, in the dying days of the text-only CRT terminal, for some unknown reason the grad student computer lab had in it a very hefty 1m long monkey wrench. Thinking like a Soviet general, I put a label on it: "Emergency manual hard reset device."

I went and read snopes space pen story and it actually confirms the legend: the space pen cost a million $ to develop (to Fisher) and the Soviets used pencils. Til 68? Thats bs. They were not going to be buying american pens for their cosmonauts in the middle of the cold war. Give me break.

@Zaphod:
"I put it to you, sir, that a pre-emptive strike from the former USSR was the most probable scenario."

That may or may not be true, but in that case the method of opening the safe is irrelevant. Apart from anything else, they could even drive over to the missile launchers with new codes.

@eric:
I hadn't known about those, found it very interesting. However: it isn't defeated by a sledgehammer. You can (perhaps) knock the seal lock off with a sledgehammer, but there's still the original safe lock underneath.

@Clive: "The US also had another issue in that their "two man" system did not work. Under realistic testing they found that few would push the button on command of the system and would try to use other communications methods to get confirmation."

I think you're remembering the movie War Games. The way I understand it, the two-man system is to prevent unauthorized launches, not to guarantee launch on command as in the opening scene of that movie.

While it might make a good story, I am not sure that I believe it. Well-designed safes contain a relocker mechanism that, in effect, disconnects the lock from the bolts if you try to break in. Hitting the safe with a sledgehammer would make it harder to open, not easier.

Perhaps the real reason for the sledgehammer was that General Novikov planned to sabotage a launch.

Well-designed safes contain a relocker mechanism that, in effect, disconnects the lock from the bolts if you try to break in.

This has been discussed on this blog before. and the plain simple fact is "relockers" are not used in military circles mainly only civilian circles.

The reason for this is the nature of what you are protecting. In the civilian world it is mostly tangible physical objects where relockers have a significant "delaying advantage". In the military world it is mostly intangible information objects where there is absolutly no delay advantage as in effect it becomes a "denial of service attack" or it means prolonged uncertainty niether of which is at all desirable.

...until the early days of the Blair government the RAF's nuclear bombs were armed by turning a bicycle lock key.

There was no other security on the Bomb itself.

To arm the weapons you just open a panel held by two captive screws - like a battery cover on a radio - using a thumbnail or a coin.

Inside are the arming switch and a series of dials which you can turn with an Allen key to select high yield or low yield, air burst or groundburst and other parameters.

The Bomb is actually armed by inserting a bicycle lock key into the arming switch and turning it through 90 degrees. There is no code which needs to be entered or dual key system to prevent a rogue individual from arming the Bomb.

Actually, relocker or no relocker is irrelevant. Break the "lock" means to smash the dial. That would merely give a bent shaft to try to turn and unlock the safe.
He'd be better off with a hammer and chisel than a sledgehammer.
And trust me, I've WATCHED idiots try to open a military safe with a sledgehammer. They never got it open.
I opened it later. With a shaped charge.
Which shredded the contents, which is what I wanted done anyway. The safe was, of course, off of the property books.